gitadmin/ArchiTools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(auth): correct callbackUrl and auto-redirect to Authentik

Browse Source 
- Use NEXTAUTH_URL instead of request.url for callbackUrl (was 0.0.0.0:3000)
- Add custom /auth/signin page that auto-calls signIn("authentik")
- Skip the intermediate "Sign in with Authentik" button page
- Exclude /auth/signin from middleware matcher

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
AI Assistant
2026-03-09 12:39:50 +02:00
parent ca4d7b5d8d
commit bb3673b4aa
2 changed files with 37 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/app/auth/signin/page.tsx
+29
View File
@@ -0,0 +1,29 @@
"use client";
import { signIn } from "next-auth/react";
import { useSearchParams } from "next/navigation";
import { useEffect } from "react";
/**
* Custom sign-in page that auto-redirects to Authentik.
* Skips the default NextAuth provider chooser (no "Sign in with Authentik" button).
*/
export default function SignInPage() {
const searchParams = useSearchParams();
const callbackUrl = searchParams.get("callbackUrl") || "/";
useEffect(() => {
void signIn("authentik", { callbackUrl });
}, [callbackUrl]);
return (
<div className="flex h-screen items-center justify-center bg-background">
<div className="flex flex-col items-center gap-4">
<div className="h-8 w-8 animate-spin rounded-full border-4 border-primary border-t-transparent" />
<p className="text-sm text-muted-foreground">
Se redirecționează către autentificare...
</p>
</div>
</div>
);
}
src/middleware.ts
+8 -4
View File
@@ -27,9 +27,13 @@ export async function middleware(request: NextRequest) {
);
}
// Page routes: redirect to NextAuth sign-in with callbackUrl
const signInUrl = new URL("/api/auth/signin", request.url);
signInUrl.searchParams.set("callbackUrl", request.url);
// Use NEXTAUTH_URL as base (request.url uses container's internal 0.0.0.0:3000)
const baseUrl = process.env.NEXTAUTH_URL || "https://tools.beletage.ro";
const callbackUrl = `${baseUrl}${pathname}${request.nextUrl.search}`;
// Redirect to custom sign-in page (auto-forwards to Authentik)
const signInUrl = new URL("/auth/signin", baseUrl);
signInUrl.searchParams.set("callbackUrl", callbackUrl);
return NextResponse.redirect(signInUrl);
}
@@ -42,6 +46,6 @@ export const config = {
* - /favicon.ico, /robots.txt, /sitemap.xml
* - Files with extensions (images, fonts, etc.)
*/
"/((?!api/auth|_next|favicon\\.ico|robots\\.txt|sitemap\\.xml|.*\\..*).*)",
"/((?!api/auth|auth/signin|_next|favicon\\.ico|robots\\.txt|sitemap\\.xml|.*\\..*).*)",
],
};